Jump to content

leehaze

Members
 View Profile  See their activity

  • Posts

    12

  • Joined

  • Last visited

Reputation

0 Neutral
  1. leehaze
    it's 4 months old. I'm working on contacting the company.
  2. leehaze
    The computer didn't come with a CD or USB stick. It's a laptop with no DVD drive. It came with Windows 8 preloaded. Then I updated online. I do have an external drive...There isn't a way to get it online and download to a CD, is there?
  3. leehaze
    Is there I can do to get administrator status again?
  4. leehaze
    system restore did not successfully complete. c:\ might be corrupt. startup repair couldn't repair PC Error Checking after doing CHKDSK windows found error on this drive that need to be repaired. Close this dialog box and then repair the drive. There was no option to fix the c:\ I was trying to do a complete restore -- the other repairs and keeping my documents wasn't working. and it deleted my profile. it's in Safe Mode. The other profile is for my kids... the computer won't let me open their profile since it's in Safe Mode.
  5. leehaze
    When i started teh computer this morning, it had a screen open "Automatic Repair Windows coudln't load correctly System Restore can try to restore your PC to an earlier point in the time when it worked correctly. This rpair will not change personal data, but it might remove some apps that were installed recently. You cannot undo this process. Should I System Restore?
  6. leehaze
    I tried to run the ESET online scanner. The computer froze, then this appeared. LegacyFeatures.exe configuration parser error 0xC00CE505 error parsing c:\\windows\microsoft.net\frameworkv4.0.30329\config\machine.config it restarted and while i tried to start ESET again, this happened: Your PC ran into a problem and needs to restart. We just collecting some error info, and then we'll restart you. --it's been doing this since the problem started. Today it had an additional loud buzzing sound restarted, then this before i could get Explorer opened: wermgr.exe--application Error The instruction at 0x676cfa5c referenced memory at 0x676a272c The memory couldn not be written. Click OK to terminate the program. Click ok to terminate the program. restarted and then this: The instruction at 0x73fa29f5 referenced memory at 0x71b8c8ec. The memory couldn't be read. Click ok to termitate the program. Your PC ran into a problem and needs to restart. We just collecting some error info, and then we'll restart you. --it's been doing this since the problem started.
  7. leehaze
    Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2014.03.22.07 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16521 Jennifer :: JNEWBIE [administrator] Protection: Enabled 3/22/2014 10:21:18 AM mbam-log-2014-03-22 (10-21-18).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 261243 Time elapsed: 4 minute(s), 21 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  8. leehaze
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by Jennifer at 2014-03-22 08:29:42 Run:1 Running from C:\Users\Jennifer\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** Start GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1002\User: Group Policy restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1001\User: Group Policy restriction detected <======= ATTENTION C:\ProgramData\RegistryReviver.exe C:\Users\Jennifer\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64(1).exe C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64.exe AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\Jennifer\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Jennifer\SkyDrive (2).old:ms-properties AlternateDataStreams: C:\Users\Jennifer\SkyDrive (3).old:ms-properties AlternateDataStreams: C:\Users\Jennifer\SkyDrive (4).old:ms-properties AlternateDataStreams: C:\Users\Jennifer\SkyDrive (5).old:ms-properties AlternateDataStreams: C:\Users\Jennifer\SkyDrive.old:ms-properties End ***************** C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1002\User => Moved successfully. C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1001\User => Moved successfully. C:\ProgramData\RegistryReviver.exe => Moved successfully. C:\Users\Jennifer\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe => Moved successfully. C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64(1).exe => Moved successfully. C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64.exe => Moved successfully. C:\Windows => ":nlsPreferences" ADS removed successfully. "C:\Users\Jennifer\SkyDrive" => ":ms-properties" ADS not found. "C:\Users\Jennifer\SkyDrive (2).old" => ":ms-properties" ADS not found. "C:\Users\Jennifer\SkyDrive (3).old" => ":ms-properties" ADS not found. "C:\Users\Jennifer\SkyDrive (4).old" => ":ms-properties" ADS not found. "C:\Users\Jennifer\SkyDrive (5).old" => ":ms-properties" ADS not found. "C:\Users\Jennifer\SkyDrive.old" => ":ms-properties" ADS not found. The system needed a reboot. ==== End of Fixlog ====
  9. leehaze
    Here's the addition.txt Addition.txt
  10. leehaze
    how do i attach the addition.txt ?
  11. leehaze
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Jennifer (administrator) on JNEWBIE on 21-03-2014 23:00:59 Running from C:\Users\Jennifer\Downloads Windows 8.1 Pro (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe (Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Lenovo, Japan, Ltd.) C:\Program Files (x86)\Lenovo\Tablet Service\LENOVO.TABSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (ReviverSoft LLC) C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\x64\avfulsvr.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe () C:\Program Files (x86)\Integrated Camera\Monitor.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [LenovoOptMouseUpdate] - C:\Program Files\Lenovo\HOTKEY\extapsup.exe [250976 2012-08-31] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.) HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2668024 2013-01-28] (Lenovo) HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation) HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [integrated Camera_Monitor] - C:\Program Files (x86)\Integrated Camera\monitor.exe [1841528 2012-08-10] () HKLM-x32\...\Run: [intelSBA] - C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel® Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60 HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-06-23] (Lenovo) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1638550677-2088146564-2875212767-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-09-29] (Microsoft Corporation) HKU\S-1-5-21-1638550677-2088146564-2875212767-1001\...\Run: [Google Update] - C:\Users\Jennifer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-23] (Google Inc.) GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1002\User: Group Policy restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-1638550677-2088146564-2875212767-1001\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com SearchScopes: HKLM - DefaultScope {961456DC-A46A-4020-A33A-1685D695D657} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM - {961456DC-A46A-4020-A33A-1685D695D657} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM-x32 - DefaultScope {961456DC-A46A-4020-A33A-1685D695D657} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM-x32 - {961456DC-A46A-4020-A33A-1685D695D657} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKCU - DefaultScope {961456DC-A46A-4020-A33A-1685D695D657} URL = SearchScopes: HKCU - {961456DC-A46A-4020-A33A-1685D695D657} URL = BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 208.186.46.5 208.186.47.5 8.8.8.8 Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-24] CHR Extension: (Google Drive) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-24] CHR Extension: (YouTube) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-24] CHR Extension: (Google Search) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-24] CHR Extension: (Norton Identity Protection) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-24] CHR Extension: (Google Wallet) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24] CHR Extension: (Gmail) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-24] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-12-16] ==================== Services (Whitelisted) ================= S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [960368 2012-12-14] (Broadcom Corporation.) R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies) R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-06-23] (Lenovo) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation) R2 intelsba; C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited) R2 LENOVO.TABSVC; C:\Program Files (x86)\Lenovo\Tablet Service\LENOVO.TABSVC.exe [992112 2012-08-23] (Lenovo, Japan, Ltd.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited) R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-01-28] (Lenovo) R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [462840 2013-02-22] () S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation) R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2013-06-23] (Broadcom Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider) S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies) S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-06-23] (Windows ® Win 7 DDK provider) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20131220.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131222.006\ENG64.SYS [126040 2013-11-21] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131222.006\EX64.SYS [2099288 2013-11-21] (Symantec Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-08] (Realtek Semiconductor Corp.) R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-09] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1063288 2012-07-20] (Sunplus) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-28] (Microsoft Corporation) S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited) R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-11-23] (Symantec Corporation) S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-21 22:54 - 2014-03-21 22:54 - 00286040 _____ () C:\WINDOWS\Minidump\032114-29687-01.dmp 2014-03-21 22:51 - 2014-03-21 22:52 - 02157056 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64 (1).exe 2014-03-21 21:24 - 2014-03-21 21:25 - 00038545 _____ () C:\Users\Jennifer\Downloads\Addition.txt 2014-03-21 21:23 - 2014-03-21 23:00 - 00018336 _____ () C:\Users\Jennifer\Downloads\FRST.txt 2014-03-21 21:23 - 2014-03-21 22:53 - 00000000 ____D () C:\FRST 2014-03-21 21:23 - 2014-03-21 22:52 - 02157056 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64.exe 2014-03-21 21:19 - 2014-03-21 22:55 - 00000000 ___RD () C:\Users\Jennifer\SkyDrive 2014-03-21 21:12 - 2014-03-21 21:19 - 00000000 ___RD () C:\Users\Jennifer\SkyDrive (5).old 2014-03-21 21:11 - 2014-03-21 21:11 - 00262144 _____ () C:\WINDOWS\Minidump\032114-37437-01.dmp 2014-03-20 20:18 - 2014-03-21 21:12 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (4).old 2014-03-20 20:14 - 2014-03-20 20:14 - 00000000 _____ () C:\Recovery.txt 2014-03-20 20:00 - 2014-03-20 20:00 - 00000000 ____D () C:\$WINDOWS.~BT 2014-03-20 19:34 - 2014-03-20 19:34 - 00286040 _____ () C:\WINDOWS\Minidump\032014-27906-01.dmp 2014-03-20 18:42 - 2014-03-20 18:42 - 00286040 _____ () C:\WINDOWS\Minidump\032014-27218-01.dmp 2014-03-20 18:31 - 2014-03-20 18:32 - 00286040 _____ () C:\WINDOWS\Minidump\032014-29750-01.dmp 2014-03-20 18:18 - 2014-03-20 18:19 - 00286040 _____ () C:\WINDOWS\Minidump\032014-29125-01.dmp 2014-03-19 22:06 - 2014-03-19 22:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security 2014-03-19 20:28 - 2014-03-21 22:41 - 00000000 ____D () C:\WINDOWS\pss 2014-03-19 19:22 - 2014-03-19 19:22 - 00286040 _____ () C:\WINDOWS\Minidump\031914-28625-01.dmp 2014-03-19 19:05 - 2014-03-19 19:05 - 00001136 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-03-19 19:05 - 2014-03-19 19:05 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Malwarebytes 2014-03-19 19:05 - 2014-03-19 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-19 18:59 - 2014-03-19 19:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jennifer\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-03-19 18:55 - 2014-03-19 19:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-19 18:55 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-19 18:50 - 2014-03-19 18:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jennifer\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-19 18:34 - 2014-03-20 20:18 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (3).old 2014-03-19 18:33 - 2014-03-19 18:33 - 00002232 ____N () C:\bootsqm.dat 2014-03-19 18:18 - 2014-03-19 18:18 - 00000000 ___SH () C:\DkHyperbootSync 2014-03-19 16:55 - 2014-03-19 16:55 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Mozilla 2014-03-19 16:51 - 2014-03-19 16:52 - 00286040 _____ () C:\WINDOWS\Minidump\031914-29671-01.dmp 2014-03-18 20:52 - 2014-03-18 20:52 - 00286040 _____ () C:\WINDOWS\Minidump\031814-25546-01.dmp 2014-03-18 20:01 - 2014-03-19 18:34 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (2).old 2014-03-18 20:00 - 2014-03-18 20:00 - 00286040 _____ () C:\WINDOWS\Minidump\031814-25859-01.dmp 2014-03-18 19:48 - 2014-03-18 19:48 - 00286040 _____ () C:\WINDOWS\Minidump\031814-32984-01.dmp 2014-03-18 19:09 - 2014-03-18 19:09 - 00286040 _____ () C:\WINDOWS\Minidump\031814-18265-01.dmp 2014-03-18 18:32 - 2014-03-18 18:32 - 00286040 _____ () C:\WINDOWS\Minidump\031814-19171-01.dmp 2014-03-18 18:17 - 2014-03-21 22:54 - 912646764 _____ () C:\WINDOWS\MEMORY.DMP 2014-03-18 18:17 - 2014-03-21 22:54 - 00000000 ____D () C:\WINDOWS\Minidump 2014-03-18 18:17 - 2014-03-18 18:17 - 00286040 _____ () C:\WINDOWS\Minidump\031814-28468-01.dmp 2014-03-16 13:41 - 2014-03-16 13:41 - 00000019 _____ () C:\Users\Jennifer\Downloads\text_0 (1).txt 2014-03-13 16:21 - 2013-10-30 17:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-03-13 16:21 - 2013-10-30 17:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-03-13 16:21 - 2013-10-30 17:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-03-12 18:18 - 2014-02-28 23:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-12 18:18 - 2014-02-28 21:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-12 18:18 - 2013-12-20 03:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-03-12 18:18 - 2013-12-20 03:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-03-12 18:17 - 2014-02-28 21:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-12 18:17 - 2014-02-28 21:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-12 18:17 - 2014-02-28 20:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-12 18:17 - 2014-02-28 20:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-12 18:17 - 2014-02-28 20:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-12 18:17 - 2014-02-28 20:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-12 18:17 - 2014-02-28 20:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-12 18:17 - 2014-02-28 20:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-12 18:17 - 2014-02-28 20:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-12 18:17 - 2014-02-28 19:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-12 18:17 - 2014-02-28 19:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-12 18:17 - 2014-02-28 19:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-12 18:17 - 2014-02-28 19:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-12 18:17 - 2014-02-28 19:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-12 18:17 - 2014-02-28 19:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-12 18:17 - 2014-02-10 20:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-12 18:17 - 2014-02-10 19:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-03-12 18:17 - 2014-02-10 19:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-03-12 18:17 - 2014-01-31 09:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-03-12 18:17 - 2014-01-31 09:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-03-12 18:17 - 2014-01-31 09:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-03-12 18:17 - 2014-01-31 06:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-12 18:17 - 2014-01-31 02:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-03-12 18:17 - 2014-01-29 02:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-03-12 18:17 - 2014-01-29 01:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2014-03-12 18:17 - 2014-01-29 01:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2014-03-12 18:17 - 2014-01-29 01:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-03-12 18:17 - 2014-01-29 01:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-03-12 18:17 - 2014-01-29 00:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-03-12 18:17 - 2014-01-29 00:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-12 18:17 - 2014-01-29 00:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-12 18:17 - 2014-01-28 23:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-12 18:17 - 2014-01-28 17:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-03-12 18:17 - 2014-01-27 12:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2014-03-12 18:17 - 2014-01-27 12:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-03-12 18:17 - 2014-01-27 12:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2014-03-12 18:17 - 2014-01-27 11:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-12 18:17 - 2014-01-27 11:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-12 18:17 - 2014-01-27 11:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-12 18:17 - 2014-01-27 11:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-12 18:17 - 2014-01-27 11:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-12 18:17 - 2014-01-27 10:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-12 18:17 - 2014-01-27 10:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2014-03-12 18:17 - 2014-01-27 10:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-12 18:17 - 2014-01-27 08:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-12 18:17 - 2014-01-27 08:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-12 18:17 - 2014-01-27 04:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-03-12 18:17 - 2014-01-17 16:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-03-12 18:17 - 2014-01-17 14:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-12 18:17 - 2013-12-21 07:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2014-03-12 18:17 - 2013-12-21 01:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2014-03-11 18:18 - 2014-03-11 18:18 - 00000019 _____ () C:\Users\Jennifer\Downloads\text_0.txt ==================== One Month Modified Files and Folders ======= 2014-03-21 23:01 - 2014-03-21 21:23 - 00018336 _____ () C:\Users\Jennifer\Downloads\FRST.txt 2014-03-21 23:00 - 2014-03-21 21:23 - 00000000 ____D () C:\FRST 2014-03-21 23:00 - 2013-11-28 23:22 - 02030479 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-21 23:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-21 22:59 - 2013-09-29 21:04 - 00005448 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-21 22:58 - 2013-11-24 22:13 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\CrashDumps 2014-03-21 22:57 - 2013-11-22 19:54 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Nitro PDF 2014-03-21 22:55 - 2014-03-21 21:19 - 00000000 ___RD () C:\Users\Jennifer\SkyDrive 2014-03-21 22:55 - 2013-11-28 23:22 - 00000000 ____D () C:\Users\Jennifer 2014-03-21 22:55 - 2013-11-24 09:06 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-21 22:55 - 2013-11-22 20:07 - 00000320 _____ () C:\WINDOWS\Tasks\Start Registry Reviver for jnewbie@Jennifer(logon).job 2014-03-21 22:54 - 2014-03-21 22:54 - 00286040 _____ () C:\WINDOWS\Minidump\032114-29687-01.dmp 2014-03-21 22:54 - 2014-03-18 18:17 - 912646764 _____ () C:\WINDOWS\MEMORY.DMP 2014-03-21 22:54 - 2014-03-18 18:17 - 00000000 ____D () C:\WINDOWS\Minidump 2014-03-21 22:54 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-21 22:52 - 2014-03-21 22:51 - 02157056 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64 (1).exe 2014-03-21 22:52 - 2014-03-21 21:23 - 02157056 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64.exe 2014-03-21 22:49 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-21 22:42 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-21 22:41 - 2014-03-19 20:28 - 00000000 ____D () C:\WINDOWS\pss 2014-03-21 21:25 - 2014-03-21 21:24 - 00038545 _____ () C:\Users\Jennifer\Downloads\Addition.txt 2014-03-21 21:19 - 2014-03-21 21:12 - 00000000 ___RD () C:\Users\Jennifer\SkyDrive (5).old 2014-03-21 21:12 - 2014-03-20 20:18 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (4).old 2014-03-21 21:11 - 2014-03-21 21:11 - 00262144 _____ () C:\WINDOWS\Minidump\032114-37437-01.dmp 2014-03-21 21:04 - 2013-12-23 19:49 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1638550677-2088146564-2875212767-1001UA.job 2014-03-20 20:18 - 2014-03-19 18:34 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (3).old 2014-03-20 20:14 - 2014-03-20 20:14 - 00000000 _____ () C:\Recovery.txt 2014-03-20 20:00 - 2014-03-20 20:00 - 00000000 ____D () C:\$WINDOWS.~BT 2014-03-20 19:34 - 2014-03-20 19:34 - 00286040 _____ () C:\WINDOWS\Minidump\032014-27906-01.dmp 2014-03-20 19:26 - 2013-11-24 09:06 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-20 18:42 - 2014-03-20 18:42 - 00286040 _____ () C:\WINDOWS\Minidump\032014-27218-01.dmp 2014-03-20 18:32 - 2014-03-20 18:31 - 00286040 _____ () C:\WINDOWS\Minidump\032014-29750-01.dmp 2014-03-20 18:19 - 2014-03-20 18:18 - 00286040 _____ () C:\WINDOWS\Minidump\032014-29125-01.dmp 2014-03-20 18:08 - 2013-09-29 20:55 - 00032646 _____ () C:\WINDOWS\PFRO.log 2014-03-19 22:24 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-03-19 22:06 - 2014-03-19 22:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security 2014-03-19 20:11 - 2013-06-23 18:13 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration 2014-03-19 19:22 - 2014-03-19 19:22 - 00286040 _____ () C:\WINDOWS\Minidump\031914-28625-01.dmp 2014-03-19 19:11 - 2013-11-22 20:02 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1638550677-2088146564-2875212767-1001 2014-03-19 19:05 - 2014-03-19 19:05 - 00001136 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-03-19 19:05 - 2014-03-19 19:05 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Malwarebytes 2014-03-19 19:05 - 2014-03-19 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-19 19:05 - 2014-03-19 18:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-19 19:00 - 2014-03-19 18:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jennifer\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-03-19 18:50 - 2014-03-19 18:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jennifer\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-19 18:34 - 2014-03-18 20:01 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive (2).old 2014-03-19 18:33 - 2014-03-19 18:33 - 00002232 ____N () C:\bootsqm.dat 2014-03-19 18:18 - 2014-03-19 18:18 - 00000000 ___SH () C:\DkHyperbootSync 2014-03-19 17:51 - 2013-08-22 07:46 - 00338908 _____ () C:\WINDOWS\setupact.log 2014-03-19 16:55 - 2014-03-19 16:55 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Mozilla 2014-03-19 16:52 - 2014-03-19 16:51 - 00286040 _____ () C:\WINDOWS\Minidump\031914-29671-01.dmp 2014-03-18 20:52 - 2014-03-18 20:52 - 00286040 _____ () C:\WINDOWS\Minidump\031814-25546-01.dmp 2014-03-18 20:01 - 2013-11-29 08:22 - 00000000 __RDO () C:\Users\Jennifer\SkyDrive.old 2014-03-18 20:00 - 2014-03-18 20:00 - 00286040 _____ () C:\WINDOWS\Minidump\031814-25859-01.dmp 2014-03-18 19:51 - 2013-11-22 19:54 - 00000466 _____ () C:\Users\Jennifer\AppData\Local\RegisteredPackageInformation.xml 2014-03-18 19:48 - 2014-03-18 19:48 - 00286040 _____ () C:\WINDOWS\Minidump\031814-32984-01.dmp 2014-03-18 19:09 - 2014-03-18 19:09 - 00286040 _____ () C:\WINDOWS\Minidump\031814-18265-01.dmp 2014-03-18 18:32 - 2014-03-18 18:32 - 00286040 _____ () C:\WINDOWS\Minidump\031814-19171-01.dmp 2014-03-18 18:25 - 2013-11-28 23:22 - 00000000 ____D () C:\Users\boys 2014-03-18 18:22 - 2013-08-22 07:44 - 00474080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-18 18:17 - 2014-03-18 18:17 - 00286040 _____ () C:\WINDOWS\Minidump\031814-28468-01.dmp 2014-03-18 18:17 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-18 18:17 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-18 18:17 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-18 18:17 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-16 16:01 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-03-16 15:58 - 2013-12-26 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-16 15:58 - 2013-12-26 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-16 15:57 - 2013-11-28 17:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-16 15:24 - 2013-11-28 18:48 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1638550677-2088146564-2875212767-1002 2014-03-16 13:41 - 2014-03-16 13:41 - 00000019 _____ () C:\Users\Jennifer\Downloads\text_0 (1).txt 2014-03-16 12:04 - 2013-12-23 19:49 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1638550677-2088146564-2875212767-1001Core.job 2014-03-12 08:12 - 2013-11-28 18:29 - 00000193 _____ () C:\Users\boys\AppData\Local\RegisteredPackageInformation.xml 2014-03-11 18:18 - 2014-03-11 18:18 - 00000019 _____ () C:\Users\Jennifer\Downloads\text_0.txt 2014-03-10 22:32 - 2014-01-04 11:53 - 00028966 _____ () C:\Users\Jennifer\Documents\smile chart_paxton.xlsx 2014-03-10 22:23 - 2013-11-22 19:53 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\Packages 2014-03-10 22:20 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-03-06 22:33 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-03-04 15:53 - 2013-08-22 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 15:53 - 2013-08-22 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-02 16:53 - 2013-11-28 18:31 - 00000000 ___RD () C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-02 16:53 - 2013-11-28 18:31 - 00000000 ___RD () C:\Users\boys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-02-28 23:05 - 2014-03-12 18:18 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-28 21:58 - 2014-03-12 18:17 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-28 21:30 - 2014-03-12 18:18 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-02-28 21:17 - 2014-03-12 18:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-28 20:54 - 2014-03-12 18:17 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-28 20:47 - 2014-03-12 18:17 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-28 20:42 - 2014-03-12 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-28 20:18 - 2014-03-12 18:17 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-28 20:14 - 2014-03-12 18:17 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-28 20:10 - 2014-03-12 18:17 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-28 20:03 - 2014-03-12 18:17 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-28 19:57 - 2014-03-12 18:17 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-28 19:38 - 2014-03-12 18:17 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-28 19:32 - 2014-03-12 18:17 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-28 19:27 - 2014-03-12 18:17 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-28 19:25 - 2014-03-12 18:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-28 19:25 - 2014-03-12 18:17 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-23 10:20 - 2013-11-22 20:06 - 00000000 ____D () C:\ldiag 2014-02-22 18:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-02-22 14:22 - 2013-11-22 19:56 - 00000000 ___RD () C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-22 14:22 - 2013-11-22 19:56 - 00000000 ___RD () C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-02-22 14:19 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-02-22 14:19 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-22 14:19 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-22 14:19 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-22 14:19 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-02-22 14:19 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-02-20 19:59 - 2013-06-23 18:07 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo 2014-02-20 19:59 - 2013-06-23 17:53 - 00000000 ____D () C:\Program Files\Lenovo Files to move or delete: ==================== C:\ProgramData\RegistryReviver.exe Some content of TEMP: ==================== C:\Users\Jennifer\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64(1).exe C:\Users\Jennifer\AppData\Local\Temp\nitro_pro8_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys [2014-03-12 18:17] - [2014-01-31 09:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02 LastRegBack: 2014-03-18 19:28 ==================== End Of Log ============================
  12. leehaze
    Chrome wasn't working, then computer shut itself down with a screen that said it was collecting data and would restart when it was done. I tried using Malware and removing in Safe Mode, but when I returned to regular mode same problems occur. Advice?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.